Dropbox 16 – Dropbox Server (Logging)

We can fix a lot of issues by modifying our dynamic configuration files, but not if we don’t know what the problem is. Did the client give us the wrong gateway? Did they forget to enable our credentials on their proxy? Or, did we fat-finger the static IP?

We’ll log a good deal of information to the USB so the client can just pull it off and email it to us. Some of the information might be considered a bit sensitive, though, so we’ll go ahead and encrypt it at the source.

One step you may or may not want to take is the DNS “exfiltration”. I have the Dropbox Server reach out to ipecho.net to find out its external IP. It then obfuscates that information and makes a request to our DNS server for a non-existent FQDN based on the obfuscated IP. What this allows us to do is block all traffic to the HAProxy except for the source addresses of our Dropbox Servers. The client should provide this information, but it isn’t always correct…